diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java
index 373871b392..c5ab824c68 100644
--- a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java
+++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java
@@ -59,7 +59,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implemen
      * @throws IllegalArgumentException if a <code>null</code> was passed
      */
     public CasAuthenticationToken(final String key, final Object principal, final Object credentials,
-        final Collection<GrantedAuthority> authorities, final UserDetails userDetails, final Assertion assertion) {
+        final Collection<? extends GrantedAuthority> authorities, final UserDetails userDetails, final Assertion assertion) {
         super(authorities);
 
         if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal) || (credentials == null)
diff --git a/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
index c4e675a4ac..19fd525ce4 100644
--- a/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
@@ -49,7 +49,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
      * @param authorities the collection of <tt>GrantedAuthority</tt>s for the
      *                    principal represented by this authentication object.
      */
-    public AbstractAuthenticationToken(Collection<GrantedAuthority> authorities) {
+    public AbstractAuthenticationToken(Collection<? extends GrantedAuthority> authorities) {
         if (authorities == null) {
             this.authorities = AuthorityUtils.NO_AUTHORITIES;
             return;
@@ -67,6 +67,39 @@ public abstract class AbstractAuthenticationToken implements Authentication {
 
     //~ Methods ========================================================================================================
 
+    public Collection<GrantedAuthority> getAuthorities() {
+        return authorities;
+    }
+
+    public String getName() {
+        if (this.getPrincipal() instanceof UserDetails) {
+            return ((UserDetails) this.getPrincipal()).getUsername();
+        }
+
+        if (getPrincipal() instanceof Principal) {
+            return ((Principal)getPrincipal()).getName();
+        }
+
+        return (this.getPrincipal() == null) ? "" : this.getPrincipal().toString();
+    }
+
+    public boolean isAuthenticated() {
+        return authenticated;
+    }
+
+    public void setAuthenticated(boolean authenticated) {
+        this.authenticated = authenticated;
+    }
+
+    public Object getDetails() {
+        return details;
+    }
+
+    public void setDetails(Object details) {
+        this.details = details;
+    }
+
+    @Override
     public boolean equals(Object obj) {
         if (!(obj instanceof AbstractAuthenticationToken)) {
             return false;
@@ -109,26 +142,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
         return this.isAuthenticated() == test.isAuthenticated();
     }
 
-    public Collection<GrantedAuthority> getAuthorities() {
-        return authorities;
-    }
-
-    public Object getDetails() {
-        return details;
-    }
-
-    public String getName() {
-        if (this.getPrincipal() instanceof UserDetails) {
-            return ((UserDetails) this.getPrincipal()).getUsername();
-        }
-
-        if (getPrincipal() instanceof Principal) {
-            return ((Principal)getPrincipal()).getName();
-        }
-
-        return (this.getPrincipal() == null) ? "" : this.getPrincipal().toString();
-    }
-
+    @Override
     public int hashCode() {
         int code = 31;
 
@@ -155,18 +169,7 @@ public abstract class AbstractAuthenticationToken implements Authentication {
         return code;
     }
 
-    public boolean isAuthenticated() {
-        return authenticated;
-    }
-
-    public void setAuthenticated(boolean authenticated) {
-        this.authenticated = authenticated;
-    }
-
-    public void setDetails(Object details) {
-        this.details = details;
-    }
-
+    @Override
     public String toString() {
         StringBuilder sb = new StringBuilder();
         sb.append(super.toString()).append(": ");
diff --git a/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java
index 80dc6fa11b..d133bd185c 100644
--- a/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/RememberMeAuthenticationToken.java
@@ -46,7 +46,7 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
      *
      * @throws IllegalArgumentException if a <code>null</code> was passed
      */
-    public RememberMeAuthenticationToken(String key, Object principal, Collection<GrantedAuthority> authorities) {
+    public RememberMeAuthenticationToken(String key, Object principal, Collection<? extends GrantedAuthority> authorities) {
         super(authorities);
 
         if ((key == null) || ("".equals(key)) || (principal == null) || "".equals(principal)) {
@@ -60,6 +60,23 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
 
     //~ Methods ========================================================================================================
 
+    /**
+     * Always returns an empty <code>String</code>
+     *
+     * @return an empty String
+     */
+    public Object getCredentials() {
+        return "";
+    }
+
+    public int getKeyHash() {
+        return this.keyHash;
+    }
+
+    public Object getPrincipal() {
+        return this.principal;
+    }
+
     public boolean equals(Object obj) {
         if (!super.equals(obj)) {
             return false;
@@ -78,20 +95,4 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken i
         return false;
     }
 
-    /**
-     * Always returns an empty <code>String</code>
-     *
-     * @return an empty String
-     */
-    public Object getCredentials() {
-        return "";
-    }
-
-    public int getKeyHash() {
-        return this.keyHash;
-    }
-
-    public Object getPrincipal() {
-        return this.principal;
-    }
 }
diff --git a/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java
index a887d9af0e..727eb7f11e 100644
--- a/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java
@@ -68,7 +68,7 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
      * @param credentials
      * @param authorities
      */
-    public UsernamePasswordAuthenticationToken(Object principal, Object credentials, Collection<GrantedAuthority> authorities) {
+    public UsernamePasswordAuthenticationToken(Object principal, Object credentials, Collection<? extends GrantedAuthority> authorities) {
         super(authorities);
         this.principal = principal;
         this.credentials = credentials;
diff --git a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
index 3e1b9622d9..48332a4545 100644
--- a/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
+++ b/openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationToken.java
@@ -55,7 +55,7 @@ public class OpenIDAuthenticationToken extends AbstractAuthenticationToken {
      * used by the <tt>OpenIDAuthenticationProvider</tt>.
      *
      */
-    public OpenIDAuthenticationToken(Object principal, Collection<GrantedAuthority> authorities,
+    public OpenIDAuthenticationToken(Object principal, Collection<? extends GrantedAuthority> authorities,
             String identityUrl, List<OpenIDAttribute> attributes) {
         super(authorities);
         this.principal = principal;
diff --git a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java
index 43495c239a..b6854d6481 100755
--- a/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedAuthenticationToken.java
@@ -44,7 +44,7 @@ public class PreAuthenticatedAuthenticationToken extends AbstractAuthenticationT
      * @param anAuthorities
      *            The granted authorities
      */
-    public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, Collection<GrantedAuthority> anAuthorities) {
+    public PreAuthenticatedAuthenticationToken(Object aPrincipal, Object aCredentials, Collection<? extends GrantedAuthority> anAuthorities) {
         super(anAuthorities);
         this.principal = aPrincipal;
         this.credentials = aCredentials;